Apr 07 2015

Denial Of Service…or Distraction?

It used to be that, when you heard someone was suffering from a DDoS attack, they were being bombarded with an amazing amount of traffic and sessions, effectively crashing the site for any legitimate traffic.

Things tend to evolve over time. The same is apparently holding true for the denial of service attacks. As noted in a recent study, new DDoS attacks are trending towards shorter spans of time, tying up less than the typical amount of bandwidth (http://www.fierceitsecurity.com/story/companies-are-being-koed-after-ddos-jabs/2015-03-24). In other words, what was once a true attempt to deny service, is now using that D for something else. Distraction or diversion.

It seems that a new trend is developing where hackers and the criminal element are utilizing a DDoS attack to tie up valuable IT resources. Once their attention is drawn toward the attack, the hackers go after their intended target, the company data. Not many IT organizations are equipped to handle, much less prepared to handle, two such attacks nearly simultaneously.

This is worth keeping in mind, especially given the increase in the number of high profile data breaches that we’ve seen over the last year-a trend that is only likely to increase. If you are in an IT organization, and you come under DDoS, but find it is surprisingly short lived? You may want to keep a much closer eye on the rest of your network. It could be nothing, or it could be something much worse than a DDoS attack on it’s own would represent. Better to be prepared than to be caught flat-footed and suffer a damaging data breach.